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CLAIMS 



1. An online payment system, comprising: 

customer, i.e., the buyer, which is the party that a certain amount 
of money will be deducted from his/her account to pay a merchant, 

the customer's bank of account or agency bank, i.e., the party 
that can confirm the customer's account information and execute 
deduction for payment, 

merchant, i.e., the service provider or merchandise provider, 
which is the party that will collect the payment, 

the merchant's bank of collecting account or agency bank, 

a payment gateway, which is a system responsible for handling 
payment information from the network, authenticating the customer 
and the merchant, and confirming authenticity and validity of a 
transaction; 

the customer, the merchant, and the payment gateway being 
connected to each other over Internet; after processing system of 
the payment gateway confirms legality of the transaction, the payment 
gateway sending a payment request, and, after the payment is 
completed, the payment gateway informing the two parties (i.e., the 
customer and the merchant) involved in the transaction of the payment 
information; 

the payment gateway communicating with the customer and the 
merchant at one side to authenticate identity of the customer and 
identity of the merchant (password-based identity authentication for 
the customer, and certificate-based identity authentication for the 
merchant) and confirming the transaction and transaction value; and 
the payment gateway communicating with the bank of paying account 
and the bank of collecting account at the other side, to transfer 
payment request and deduction information; 
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wherein 

said payment gateway has a customer information database, which 
stores the customer's actual identity, the customer's identity for 
online transaction, and the basic information of the customer's 
account; 

there is arranged an assistant customer identity authentication 
system between said payment gateway and said customer, and said 
assistant authentication system connects said customer to said 
payment gateway in a non-Internet approach; 

after the payment gateway verifies the customer's identity for 
online transactions has been logged in the customer information- 
database (i.e., the customer's identity is valid), it generates an 
authorization code for the received payment request, and sends the 
authorization code to the customer via the assistant customer 
identity authentication system; after the customer receives that 
authorization code, the customer enter the authorization code on the 
correct page in the payment gateway; after verifying the 
authorization code successfully, the payment gateway confirms the 
customer has passed the identity authentication, sends the payment 
information, obtains the processing result from the bank, and 
forwards the processing result to the customer and the merchant. 

2. The online payment system as in claim 1, wherein said assistant 
customer identity authentication system comprises a customer 
terminal and an switch system; said customer terminal has its initial 
information registered in the payment gateway; said switch system 
connects said customer terminal to said payment gateway, and receives 
information from said payment gateway and forwards the information 
to said customer terminal. 

3 . The online payment system as in claim 2 , wherein the information 
received by said switch system from said payment gateway comprises 
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an authorization code and transaction information. 

4. The online payment system as in claim 1, wherein said 
authorization code is generated dynamically and has a validity periods- 
said authorization code is deemed as valid only when it is inputted 
on the correct page in the payment gateway within the validity period; 
otherwise said authorization code will be deemed as invalid. 

5. The online payment system as in claim 1 or 2, wherein said 
customer terminal of the assistant customer identity authentication 
system is a dedicated device, and has its initial information 
registered in the payment gateway. 

6. The online payment system as in claim 5, wherein said customer 
terminal is a dedicated device separately configured, and is provided 
by said payment gateway. 

7. The online payment system as in claim 5, wherein said customer 
terminal is a device conforming to the standard of said payment 
gateway. 

8. The online payment system as in claim 5, wherein said customer 
terminal is a dedicated switching card provided by said payment 
gateway, and is inserted in a personal or home electronic or 
electrical device such as a STB or a remote controller, etc. 

9. The online payment system as in claim 1 or 2, wherein the 
customer terminal of said assistant customer identity authentication 
system is a non-dedicated device, such as a telephone, a mobile 
telephone, a BP, or a PDA, etc.; before said non-dedicated device 
can be used as the customer terminal, it shall have its initial 
information registered in the payment gateway or a place designated 
by the payment gateway. 

10. The online payment system as in claim 2, wherein the initial 
information of said customer terminal registered in the payment 
gateway may be one or more information of the customer terminal. 
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11. The online payment system as in claim 2, wherein said 
customer terminal that is used to receive the authorization code may 
not be a customer terminal with initial information registered in 
the payment gateway. 

12. The online payment system as in claim 1, wherein there is 
a bank's information processing system between the payment gateway 
and the bank; said bank's information processing system is connected 
to the payment gateway, the payer's bank of paying account or agency 
bank, and the payee's bank of collecting account or agency bank; the 
payment gateway sends the payment request to said bank's information 
processing system and obtains the processing result (successful 
deduction or payment rejection) of the payment request from said 
bank's information processing system. 

13. The online payment system as in claim 12, wherein said 
payment gateway and said bank's information processing system are 
network platforms provided by different entities. 

14. The online payment system as in claim 12, wherein said 
payment gateway and said bank's information processing system are 
network platforms provided by the same entity. 

15 . The online payment system as in claim 12 , wherein said bank ' s 
information processing system is a network platform provided by the 
payer's bank of account. 

16. The online payment system as in claim 12, wherein said bank' s 
information processing system is a network platform provided by the 
payment collecting bank or its agency bank. 

17. The online payment system as in claim 13, wherein said 
payment gateway and said bank's information processing system are 
network platforms provided by a third party irrelevant to the 
transaction . 

18. The online payment system as in claim 1 or 12, wherein said 

35 



Atty. Dkt: OP0601335 
PCT^origlnaLUS 

payment gateway has a customer information database, which stores 
the customer's information and the customer's bank account 
information; the customer's identity in said customer information 
comprises the customer's actual identity and identity for online 
transactions; said identity for online transaction can be the 
customer's actual identity or an identity specified by the customer 
freely. 

19. An online payment authentication method, comprising 
authenticating the two parties (i.e. , the customer and the merchant) 
involved in the online transaction (certificate-based identity 
authentication for the merchant, and password-based identity 
authentication for the customer) , are confirming the transaction and 
transaction value; wherein 

said method further comprises performing a dynamic assistant 
identity authentication for the customer. 

20. The online payment authentication method as in claim 19, 
wherein said method comprises the following steps: 

initializing a transaction request by the customer when he/she 
browses on the network; 

receiving, by the merchant, said transaction request; 

sending, by the customer, a payment request and entering into 
the interface of a payment gateway; 

requesting, by said payment gateway, the customer to enter his/her 
password for online payment over Internet for customer identity 
authentication and verifying said password; 

when the password is incorrect, rejecting, by said payment gateway, 
said transaction request; 

when the password is correct, generating an authorization code 
dynamically; 

sending, by the payment gateway, the authorization code to the 
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customer via an assistant customer identity authentication systems- 
entering, by the customer, the authorization code on the correct 
page in the payment gateway after he/she receives the authorization 
code; 

confirming, by the payment gateway, the customer identity has 
passed the authentication after verifying by the payment gateway the 
authorization code successfully, and then sending a payment request; 

wherein said step of sending by the payment gateway the 
authorization code to the customer via an assistant customer identity 
authentication system is performed through a non-Internet approach . 

21- The online payment authentication method as in claim 20, 
wherein said step of confirming by the payment gateway the customer 
identity has passed the authentication after verifying by the payment 
gateway the authorization code successfully and then sending a 
payment request comprises, notifying, by said bank's information 
processing system, the payer's bank of account to deduct the 
specified payment amount, and returning the processing result to said 

payment gateway. 

22. The online payment authentication method as in claim 20, 
further comprising the following steps: 

choosing, by the customer, merchandise at the merchant's website 
and creating an order; 

choosing, by the customer, "authentication with mobile telephone 
short message" as the assistant identity authentication mode; 

entering, by the customer, into the interface of the payment 
gateway of the online payment system, and entering the mobile 
telephone number and the password for online payment at a prompt on 
the interface; 

when receiving customer information, judging, by the payment 
gateway, the mobile telephone number and the password for online 
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payment; when said mobile telephone number has initial information 
registered in the payment gateway and the password is correct, 
generating, by the payment gateway, an authorization code 
dynamically; 

sending, by the payment gateway, said authorization code and the 
payment amount to SMS center; 

sending, by the SMS center, the received authorization code to 
the customer's mobile telephone; 

when receiving the short message, entering, by the customer, the 
authorization code on the payment page at a prompt on the page; 

after verifying the authorization code successfully, deeming, 
by the payment gateway, the customer's identity has passed the 
authentication, and executing the next subsequent payment step. 

23. The online payment authentication method as in claim 20 or 
21, wherein said step of when the password is correct, generating 
an authorization code dynamically comprises, specifying a valid 
period for the authorization code; and the correct authorization code 
must be inputted within the specified validity period. 

24. The online payment authentication method as in claim 20, 
further comprising, sending, by the payment gateway, the 
authorization code and the transaction information to the customer 
terminal via the assistant customer identity authentication system. 

25. The online payment authentication method as in claim 20, 
wherein said step of sending by the payment gateway the authorization 
code to the customer via an assistant customer identity 
authentication system comprises sending by the payment gateway the 
authorization code to the customer via an assistant customer identity 
authentication system to the customer terminal. 

26. The online payment authentication method as in claim 20, 
wherein in said step of sending by the payment gateway the 

38 



Atty. Dkt: OP0601335 
PCT_original_US 

authorization code to the customer via an assistant customer identity 
authentication system to the customer terminal, the customer 
terminal is specified by the customer. 
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